From: Ansgar Burchardt Date: Sat, 18 Aug 2012 16:43:36 +0000 (+0200) Subject: dak/process_policy.py: escape '_' in string passed to SQL LIKE operator later X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba5f3d6d9452c76687683fc3c56cd9f2aa5539e0;p=dak dak/process_policy.py: escape '_' in string passed to SQL LIKE operator later --- diff --git a/dak/process_policy.py b/dak/process_policy.py index 77bc448a..8103fd0b 100755 --- a/dak/process_policy.py +++ b/dak/process_policy.py @@ -68,6 +68,10 @@ def do_comments(dir, srcqueue, opref, npref, line, fn, transaction): else: changes_prefix = changes_prefix + '.changes' + # We need to escape "_" as we use it with the LIKE operator (via the + # SQLA startwith) later. + changes_prefix = changes_prefix.replace("_", r"\_") + uploads = session.query(PolicyQueueUpload).filter_by(policy_queue=srcqueue) \ .join(PolicyQueueUpload.changes).filter(DBChange.changesname.startswith(changes_prefix)) \ .order_by(PolicyQueueUpload.source_id)